James Lampert wrote:
We have a situation:
A Tomcat server with a number of contexts.
One of those contexts should be available unsecured on port 8080.
The others should only be available secured, on port 443.
Is there a way we can restrict 8080 to the one unsecured context?
I am not specialist, but in
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#Common_Attributes
I see this :
quote
redirectPort
If this Connector is supporting non-SSL requests, and a request is received for
which a
matching <security-constraint> requires SSL transport, Catalina will
automatically
redirect the request to the port number specified here.
unquote
Let's suppose that the context in question is named "no-https", located in
(catalina_base)/webapps/no-https/.
And that a request is made for "http://yourserver:8080/no-https";.
Seen the above, I would imagine that if that particular context does not have a
<security-constraint> requiring SSL transport (HTTPS), the request will not be
re-directed
by the Connector for port 8080, and would thus remain HTTP.
On the other hand, if a request is received directly for
"https://yourserver:443/no-https";, then it would belong to some servlet filter
inserted in
that webapp, to send back a redirect response to
"http://yourserver:8080/no-https";.
But I may imagine wrong, since I am not a specialist.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
